As e-commerce sales continue to skyrocket, more and more consumers are turning to the internet to get through the bulk of their Christmas shopping.
But the more popular e-commerce has become, the more susceptible online shoppers are to cyberattacks, fakes and frauds.
In fact, according to the 2018 Holiday Threat Report from Carbon Black, a cybersecurity company, cyberattacks are expected to spike 60 percent through the holiday shopping season this year.
“During the holiday season, there is often a ton of noise in the online world and attackers do everything they can to take advantage of that,” said Tom Kellermann, Carbon Black’s Chief Cybersecurity Officer, according to the report.
Based on past data, online shoppers should be on guard until New Year’s. There are two big spikes in online shopping around the holidays: the first starts on Black Friday and continues until Christmas Day, and the second begins shortly after Christmas Day until right before New Year’s Day as online shoppers race to nab the post-Christmas sale deals.
Cybersecurity experts say to expect a spike in cybercrime at the same time.
Furthermore, fakes and frauds are infiltrating e-commerce sites like Amazon and eBay at an alarmingly rapid rate, and no one wants to buy Dad fake leather gloves advertised as “real leather Made in Italy” for Christmas.
So how to stay safe? Here’s a few reliable tips and tricks recommended by cybersecurity companies and blogs:
1. Be wary of seemingly amazing email deals — and don’t click on the links.
According to Carbon Black and Sothis, an information technology (IT) and research company, the holiday shopping season is primetime for phishing campaigns. That eBay item you’re thinking of buying for your mom? The seller probably didn’t just drop the price by 50 percent — so double check who the sender is, and check the listing before you click the email link.
Bottom line: if the “sale” or “bargain” seems too good to be true, then it probably is.
2. Speaking of email links, be careful with tracking updates.
With so much online shopping, you’re probably trying to make sure all your packages arrive safely and on time. You’ve probably signed up for email alerts with tracking information — and maybe text messages too, if you’re really paranoid. But hackers know you’re paranoid, too, and they might send you fake emails with false tracking info and steal your personal data.
Again, double check the sender, and if you see any weird typos in the email address, subject line, etc., then just don’t open the email or click on any links in the email.
3. Shop from tried-and-true sellers.
If you like to hunt for deals on Amazon, eBay or Etsy, make sure you’re buying from a real seller. Christmas is when hackers pose as sellers to steal your data and banking or credit card info or send you fakes, so check and double check who you’re buying from.
Does the seller have good reviews? Is it the right brand? Check the comments too — usually other scammed shoppers will alert future shoppers from buying from a certain seller.
6. Prioritize shopping from websites with “https” in the domain.
Believe it or not, “https” is more secure than “http.” That doesn’t mean you’re guaranteed to be scammed at a website with an “http” domain, but it does mean it’s more likely.
4. Check your bank account periodically.
If you’re buying a lot of items online, it’s wise to check your bank account periodically just to make sure you’re being charged the right amounts for items and haven’t opened the door to a cyber thief.
5. Don’t shop over public Wi-Fi networks.
For many, this is already a no-brainer, but many people use public Wi-Fi networks, so it’s worth a warning. Your computer isn’t secure when it is logged onto a public Wi-Fi network with a WPA2 encryption standard, so completing financial transactions on such a public network is extremely unsafe.
This is because, as CSO Online explains, hackers are able to intercept you and your connection point — in this case, an e-commerce website — and so instead of sending your credit card info to a perfectly reputable Amazon seller, you’re actually sending it straight to the hacker.
So, don’t do it. Shop at home.